Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Google Exam Professional Cloud Security Engineer Topic 2 Question 59 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 59
Topic #: 2
[All Professional Cloud Security Engineer Questions]

You want data on Compute Engine disks to be encrypted at rest with keys managed by Cloud Key Management Service (KMS). Cloud Identity and Access Management (IAM) permissions to these keys must be managed in a grouped way because the permissions should be the same for all keys.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

VPC Flow Logs samples each VM's TCP, UDP, ICMP, ESP, and GRE flows. Both inbound and outbound flows are sampled. These flows can be between the VM and another VM, a host in your on-premises data center, a Google service, or a host on the internet. https://cloud.google.com/vpc/docs/flow-logs


by Pamella at Jan 08, 2023, 09:53 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Marica
4 days ago
Forget the keys, let's just encrypt everything with duct tape. That's the real Cloud KMS.
upvoted 0 times
...
Carli
6 days ago
Ah, the joys of cloud infrastructure! I think I'll go with B - less keys, less problems, am I right?
upvoted 0 times
...
Lottie
9 days ago
This question is like a treasure hunt, but the treasure is just more bureaucracy. I'll go with B, just to keep things from getting too messy.
upvoted 0 times
...
Sanjuana
9 days ago
Hmm, I'm torn between B and D. But I guess B makes more sense since it's less administrative overhead.
upvoted 0 times
...
Albert
13 days ago
But wouldn't managing permissions at the Key level provide more granular control over access to the keys?
upvoted 0 times
...
Sylvie
14 days ago
I disagree, I believe creating a KeyRing per persistent disk and managing IAM permissions at the KeyRing level would be more secure.
upvoted 0 times
...
Mitzie
15 days ago
Option B is the way to go! Manage the IAM permissions at the KeyRing level to keep things simple and streamlined.
upvoted 0 times
Gilberto
5 days ago
Option B is the way to go! Manage the IAM permissions at the KeyRing level to keep things simple and streamlined.
upvoted 0 times
...
...
Albert
25 days ago
I think we should create a single KeyRing for all persistent disks and manage IAM permissions at the Key level.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77